I'm building a PHP application on top of IIS 6 using integrated authentication. It uses Active Directory as its role store by querying the group memberships of the current user.
The below search filter will work when you run it directly against Active Directory, however an error is thrown when trying to run it via PHP.
(member:1.2.840.113556.1.4.1941:=CN=Doe\, John,OU=Department,OU=All_Users,DC=internal,DC=domain,DC=com)
The exact error is PHP Warning: ldap_search() [function.ldap-search]: Search: Bad search filter
Code: Select all
$groupresult = ldap_search($connect, $groupdn, '(member:1.2.840.113556.1.4.1941:=CN=Doe\, John,OU=Department,OU=All_Users,DC=internal,DC=domain,DC=com)', $groupattributes) or die ('Fatal error: There was an error during the LDAP query.');Another query that runs prior to this pulls out the user's attributes, so I know that the connection, bind, and search capabilities are functional.
Has anyone else tried this before and found a solution?